Encrypt data from users in web applications

Question

Encrypt data from users in web applications

Some web applications, such as Google Docs, store user-created data. Data that can only be read by its owner. Or maybe not?

As far as I know, this data is stored as in a remote database. Thus, if someone with sufficient privileges on the remote system (for example, sysadmin) can hide my data, my privacy may be compromised.

What could be the best solution for storing data encrypted in a remote database, and that only the data owner can decrypt it? How to make this process transparent to the user? (You cannot use the user's password as a key to encrypt your data, because you do not need to know his password).

+3

web-applications privacy encryption

Auron Sep 2 '08 at 15:18

source share

5 answers

, , , -, - // , , . , , , SSL, , " , ?".

+4

UnkwnTech 02 . '08 15:32

, , Amazons AWS. , . . . / .

: - (: ), . , . .

, , GPG/PGP .., , - - , .

edit @Carl Unkwntech : , . , - ...; -)

+1

cringe 02 . '08 15:33

Auron : / ? ?

, , . , . , , - , , - , , , .

Crypto ;-) AxCrypt Xecrets 'off-line .

+1

Carl Seleborg 03 . '08 8:37

, , . Google , .

-1

Dmitry Shechtman 02 . '08 15:29

Carl Seleborg · Accepted Answer · 2008-09-02T15:25:30+0000

If encryption / decryption is performed on the server, you cannot make sure that the text is not dumped somewhere in any log file or the like.

You need to do encryption / decryption inside the browser using JavaScript / Java / ActiveX or whatever. As a user, you need to trust the client side of the web service so that you do not send back information that is not encrypted to the server.

Charles

Encrypt data from users in web applications

More articles: